General
- Target: f252f1a56a33d636d7195d24753b844416bef3750f5db2a28f9bd016072e6ed2
- Size: 1.0MB
- Sample: 241114-2xel3ayjbq
- MD5: 59858471114fc131d3554dbc12f4cbbc
- SHA1: 768572229593872f3c591cfe5836abcbc75a6cca
- SHA256: f252f1a56a33d636d7195d24753b844416bef3750f5db2a28f9bd016072e6ed2
- SHA512: 69b51d79413c786d1a70bd5a98e34fba7721e5f1b91137216a10b68abea2808d0a1b40356b26ac19d3c7c8c4a8014a32a8c86f93fb7ea2b461d2b2a7326d7227
- SSDEEP: 24576:Mtb20pkaCqT5TBWgNQ7aLHUBUfxVLbMz6A:1Vg5tQ7aLHe8na5
Static task: static1
Behavioral task: behavioral1
- Sample: f252f1a56a33d636d7195d24753b844416bef3750f5db2a28f9bd016072e6ed2.exe
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: f252f1a56a33d636d7195d24753b844416bef3750f5db2a28f9bd016072e6ed2.exe
- Resource: win10v2004-20241007-en
Malware Config
Extracted
agenttesla
- Protocol: ftp
- Host: ftp://backup.smartape.ru
- Port: 21
- Username: user894492
- Password: w6NZOdcSkH1a
Targets
Target: f252f1a56a33d636d7195d24753b844416bef3750f5db2a28f9bd016072e6ed2
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Agenttesla family
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-